This section provides information to help you get started with secure connections. This information includes how to obtain certificates, create self-signed certificates and set up the Secure Sockets Layer (SSL). Links to related topics appear at the end of this section.
When you set up secure connections, associate your public key with a digitally signed certificate from a certificate authority (CA), designated as a trusted CA on your server.
You can obtain a certificate two ways:
You can buy a signed certificate by submitting a certificate request to a CA provider. The IBM HTTP Server supports several external certificate authorities. By default, many CAs exist as trusted CAs on the IBM HTTP Server. See Listing trusted CAs on the IBM HTTP Server for a list.
Use IKEYMAN to create a new key pair and certificate request to send to an external CA. Then define SSL settings in the Security folder in the Administration Server.
To set up Secure Sockets Layer (SSL) using the default configuration file (<install_root>/conf/httpd.conf):
To start a secure virtual host: